The format in the client log was: 3://host:port
Now it is shown like: HttpProxy://host:port
The old ID display was confusing and misleading users (and people debugging it ;p)
Signed-off-by: Michael Schuster <michael@schuster.ms>
Make the codebase consistent, we already have a lot of implicit pointer comparisons.
Exception: Stay explicit on return's, example:
return _db != nullptr;
Signed-off-by: Michael Schuster <michael@schuster.ms>
This also fixes a couple of warnings at places (out of order init for
instance) and a potential bug in the webflow credentials / qtkeychain
integration.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
The E2E application allows creating unencrypted subdirectories
in an encrypted parent. This is a big privacy problem.
This patch shows a red broken lock icon for these subdirectories
in the NC client UI.
Signed-off-by: Ivan Čukić <ivan.cukic@kde.org>
Due to usage of early-returns, combined with malloc/free,
several buffers that get allocated are leaked when an error
occurs.
Several functions had potential leaks:
- `encryptStringSymmetric` leaked `ctext`
- `EncryptionHelper::fileDecryption` leaked `out`
- `EncryptionHelper::fileEncryption` leaked `out`
Most of the functions had leaks of the cypher context.
This patch uses `QByteArray` as the handler for the dynamically
allocated buffers for openssl to operate on. This also removes
the need for conversions from malloc'd buffers to `QByteArray`
variables previously present in the code.
It also introduces a `CypherCtx` thin wrapper class to provide
a leak-free handling of `EVP_CIPHER_CTX`.
In owncloudsetupnocredspage.ui, the URL input field leUrl has a
placeholder text saying "https://..." which is a very useful hint
for the user. However, in the OwncloudSetupPage constructor, the
placeholer text is overwritten by the return string of the theme's
wizardUrlHint() method. The NextcloudTheme class does not override
this virtual method, so an empty string is used.
To make available the "https://..." hint, it is moved from the
UI file to NextcloudTheme::wizardUrlHint(). Note that, if a
theme is used which does not allow a custom server URL, the
placeholder text is now empty. This makes sense because the
input field is disabled in that case.
Signed-off-by: Stephan Beyer <s-beyer@gmx.net>
In case of denormalized paths in the dav href (presence of . or .. in
the path) simple string startsWith comparison wasn't enough to know if
said href ended up in the right namespace. That's why we're now using
QUrl (pretending local file since we don't have a full URL in the href)
to normalize the path before comparison.
This could happen with broken proxies for instance where we would
wrongly validate the dav information resulting in potentially surprising
syncing and name collisions.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
The message handler globally installed by the logger silently drop
messages if the logger is not logging. On top of it, it doesn't log
debug messages by default.
Anything not logged is currently silently discarded. This can come as a
surprise to a developer trying to contribute for the first time and
adding some debug message for some reason.
We're thus trying to strike a middle ground which is that debug messages
get a regular output if the logger isn't interested in them.
Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
- Application name, version number, OS
Example: Nextcloud Desktop Client
Version 2.6.4 (macOS)
- Keep previous version info in new method Theme::aboutDetails()
Signed-off-by: Michael Schuster <michael@schuster.ms>
So that user may continue to use http2 on their webpage
Signed-off-by: XNG <Milokita@users.noreply.github.com>
(cherry picked from commit dad95d4e46)
Signed-off-by: Michael Schuster <michael@schuster.ms>
- Fetch in ConnectionValidator::slotCapabilitiesRecieved
- Add editors to a list made of the new DirectEditor class
TODO:
- Add support for re-fetch and continously check for changes (ETag)
Signed-off-by: Michael Schuster <michael@schuster.ms>
This introduces a new method to change the colours in the links in QLabel's.
Utilizes a custom crafted RegEx function to replace already-coloured links.
Moved code is based on stuff from the SettingsDialog class.
Signed-off-by: Michael Schuster <michael@schuster.ms>
In certain cases don't write the app password in Account::writeAppPasswordOnce:
- id() is empty: This always happend once the Account Wizard showed the folder selection
- appPassword is empty: Caused by Logout -> Relaunch, preventing remote wipe on relaunch
Implement some logging to ease debugging in the future.
Signed-off-by: Michael Schuster <michael@schuster.ms>
Client SSL certificates and keys cannot be deleted at this time because there is
no UI for selecting them on re-login.
We introduce this dirty hack here, to allow deleting them upon Remote Wipe.
Signed-off-by: Michael Schuster <michael@schuster.ms>
The app password for the remote wipe was constantly being written in
WebFlowCredentials::slotFinished to the keychain, leading to unnecessary
write and log overhead on the system.
This fix introduces a check to only store the app password once in
a lifetime of the Account class. Also the method used to store the
password will be renamed from setAppPassword to writeAppPasswordOnce
to be more expressive.
Signed-off-by: Michael Schuster <michael@schuster.ms>
Drone builds failed with Qt 5.7 and we introduce a new ifdef here
to avoid patching specifically for Ubuntu Xenial only.
Signed-off-by: Michael Schuster <michael@schuster.ms>
- When the the users logs because of 401 or 403 errors, it checks if the
server requested the remote wipe. If yes, locally deletes account and folders
connected to the account and notify the server. If no, proceeds to ask the
user to login again.
- The app password is restored in the keychain.
- WIP: The change also includes a test class for RemoteWipe.
Signed-off-by: Camila San <hello@camila.codes>
This replaces `davUser()`, which is replaced by a numeric ID when using
LDAP, by the username that was actually used for logging in.
Fixes#836
Signed-off-by: Felix Eckhofer <felix@eckhofer.com>
There in no "return" in
PropagateUploadFileCommon::slotStartUpload in if (prevModtime != _item-
>_modtime) {... }
There is possibility that
PropagateItemJob::done(status, errorString)
maybe called two times from PropagateUploadFileCommon::slotStartUpload
1. in if (prevModtime != _item->_modtime) {... }
2. in if (fileIsStillChanging(*_item)) {..}
if changes in files are frequent the second call is possible.
This two calls has effect in PropagatorCompositeJob::slotSubJobFinished
and job is removed two times in _runningJobs.remove(i);
(the second time with argumetnt -1 (because first call removed job).
This return was removed in commit
efc039863b - by accident I think.
Good simulation is to synchronize firefox profile with frequent page
refresh.
Signed-off-by: Mariusz Wasak <mawasak@gmail.com>
It filters the error out of the list of blocking errors. It now shows up
in the Activities and Notificattions list as a warning.
Signed-off-by: Camila San <hello@camila.codes>
Instead of immediately popping up the mnemonic dialogue,
only show a notification bar on the account setup page.
For the cases where the user does not want to use E2E,
this is significantly less intrusive than the old approach.
For #566
Since we only showed the user exclude list (and some extra items) the
system exclude list was still used.
This copies over the system exclude list (if it isn't there).
If it fails we use the system one still.
However if you now remove items from your own list it will really be
gone.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Fixes#788Fixes#834
If the activity app is not enabled we should not try to fetch the
activities at all.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
If we use the source format it can result in fully black images. As the
basic generated avatar doesn't have an alpha channel.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Add a test to test the data fingerprint feature make me realize it was broken.
The code was relying in the distinction between empty and null QByteArray,
but this was a bad idea as this difference is lost when going through QString.
The server reply with a code 400 when the token is invalid,
the client was understanding this error as a network error, and was retying
again with the same token.
Instead, we must rely on what the json is saying, even if the reply is
not a 200 code.
Issue https://github.com/owncloud/enterprise/issues/2777
The check was added for #6317 in commit
13eb64584f.
We did see missing mtimes in replies in tests with live servers though.
Possibly those were old incomplete responses cached in the stat cache?
It could happen that readyRead was emitted for incoming data while the
download was not yet finished. Then the network job could finish with
no more data arriving - so readyRead wasn't emitted again.
To fix this, the finished signal also gets connected to the readyRead
slot.
The goal is to avoid confusion described in issue #6422 by removing
duplicates between the Theme and owncloudTheme.
- Use the about from ownCloudTheme everywhere
- Create default applicationIcons() and condifFileName() that should work
everywhere
- trayFolderIcon was removed as it is not used
- the helpUrl from the default Theme now points to the owncloud client
documentation. Before there was no help entry by default for branded
client if the function was not overriden.
- Do not merge functions that would otherwise break compatibility with
theme that did not override them. For example colors or customMedia.
When owncloud is restored, at boot time, it might be started before the
crendential manager. So if we detect an error, wait 10 seconds and hopefully
it'd be loaded by then.
Issues: #4274, #6522
Some servers have virus scanners and the like that can delay the
response of the final chunked upload assembly significantly, often
breaking the current 5min (!) timeout. See owncloud/enterprise#2480
for details.
Previously it tried to abort even jobs that had already finished, which
was not going to work as they wouldn't emit finished() again.
Also, in some cases the abortCount would never go to zero and that case
wasn't well documented.